Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WISEC
2010
ACM
2010
ACM
Automating the injection of believable decoys to detect snooping
We propose a novel trap-based architecture for enterprise networks that detects “silent” attackers who are eavesdropping network traffic. The primary contributions of our work are the ease of injecting, automatically, large amounts of believable bait, and the integration of various detection mechanisms in the back-end. We demonstrate our methodology in a prototype platform that uses our decoy injection API to dynamically create and dispense network traps on a subset of our campus wireless network. Finally, we present results of a user study that demonstrates the believability of our automatically generated decoy traffic. Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and Protection—invasive software, unauthorized access; K.6.m [Management of Computing and Information Systems]: Miscellaneous—security General Terms Design, Measurement, Security Keywords Decoys, Honeyflow, Honeytoken, Traffic generation, Trapbased defense, De...
Real-time TrafficCampus Wireless Network | Decoy Injection Api | Various Detection Mechanisms | Wireless Network | WISEC 2010 |
| Added | 14 May 2010 |
| Updated | 14 May 2010 |
| Type | Conference |
| Year | 2010 |
| Where | WISEC |
| Authors | Brian M. Bowen, Vasileios P. Kemerlis, Pratap V. Prabhu, Angelos D. Keromytis, Salvatore J. Stolfo |
Comments (0)
Researcher Info
|
